Date: 2019-12-07

AFP, WASHINGTON

A Lamborghini-driving Moscow hacker who called his operation “Evil Corp” and allegedly has ties to the Russian Federal Security Service (FSB) intelligence agency was on Thursday indicted by US authorities for the cybertheft of tens of millions of dollars.

An indictment unsealed in Pittsburgh, Pennsylvania, named Maksim Yakubets and his Evil Corp partner Igor Turashev as the main figures in a group that inserted malware on computers in dozens of countries to steal more than US$100 million from companies and local authorities.

The indictment was accompanied by sanctions from the US Department of the Treasury on the two men, as well as the announcement of a US$5 million reward toward Yakubets’ arrest and conviction — the highest-ever reward offered for a cybercriminal.

“Maksim Yakubets allegedly has engaged in a decade-long cybercrime spree that deployed two of the most damaging pieces of financial malware ever used and resulted in tens of millions of dollars of losses to victims worldwide,” US Assistant Attorney General Brian Benczkowski said.

The department said that Yakubets specifically worked for the FSB “as of 2017” and was “tasked to work on projects for the Russian state.”

“Evil Corp and their Dridex software serves as yet another example of the Russian government enlisting the assistance of cybercriminals to carry out malign activities,” a department official told reporters on condition of anonymity. “Today’s action makes absolutely clear that we will not tolerate this type of activity by any government or by any government’s proxies.”

Evil Corp used phishing schemes to insert Dridex, Bugat and other malware files on victims’ computers, gaining access to identities, passwords and ultimately bank accounts, from which they transferred millions of dollars to themselves.

Their tools, which built on an early malware known as Zeus, could also be used to defeat banks’ online computer security systems.

Investigators were already aware of Yakubets, 32, in 2009, after they traced him from his online nickname “aqua.”

The British National Crime Agency, which took part in the investigation, said that he was unabashed about his wealth, spending more than £250,000 (US$328,778) on his wedding.

His customized Lamborghini has a personalized number plate that translates to “thief,” it added.

Yakubets oversaw the Evil Corp network managing the thefts and transfers of money.

Officials said that the hackers ran a constantly evolving, innovative and audacious operation that stayed ahead of investigators, even as network nodes were shuttered and some of its participants arrested, including two Ukraine-based hackers in 2014.

In 2015, US and British investigators disabled the Dridex botnet, but “within weeks” Evil Corp adapted it and their infrastructure to resume their thefts.

The group “had a level of sophistication and scope of threat that we rarely see,” Pittsburgh-based US Attorney Scott Brady said.

Victims included a Franciscan Sisters religious order, a Pennsylvania district school board, an oil company and a gun manufacturer.

In the US, the total stolen in almost a decade was US$70 million, while worldwide the known losses top US$100 million, officials said.

At least 300 affected banks are known, but officials said that the individuals robbed could number in the thousands worldwide.